Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC5A1B9A473811EEB8A628584AD9E6FC.roa
File: BC5A1B9A473811EEB8A628584AD9E6FC.roa (raw, json)
Hash identifier: VNAb2FkQRcZPrdweyZ9oCDARG69FaYzY/OxomKASmz8=
Subject key identifier: F1:37:B7:DC:0D:23:C9:0B:7E:E7:17:2A:C5:25:58:F4:BB:6C:2C:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 3AE7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC5A1B9A473811EEB8A628584AD9E6FC.roa
Signing time: Wed 30 Aug 2023 13:25:50 +0000
ROA not before: Wed 30 Aug 2023 13:25:47 +0000
ROA not after: Thu 08 Aug 2024 13:25:47 +0000
asID: 133199
IP address blocks: 154.204.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15079 (0x3ae7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 30 13:25:47 2023 GMT
Not After : Aug 8 13:25:47 2024 GMT
Subject: CN=64ef435e-2862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:88:ff:66:4b:a1:99:fc:cd:f8:f9:3f:8b:65:
f6:47:20:02:cc:fd:c2:a8:56:f2:22:c5:81:45:67:
88:b4:d4:9b:6b:bc:64:8f:46:12:9d:e9:bd:9a:ca:
17:c5:c1:79:5e:78:5b:e4:e7:66:30:7d:a6:be:d5:
23:d3:0f:73:c0:52:99:03:1b:e1:ab:e4:06:af:b0:
78:29:e6:50:b6:e3:d0:8b:7b:a9:4c:f4:42:2a:0f:
59:58:b7:af:5f:84:cf:48:6b:50:b7:6d:31:57:1f:
80:92:a5:22:52:0d:97:77:6e:2e:cc:04:ec:20:d6:
dd:a0:32:7e:09:86:ef:0b:6a:6e:a2:74:10:e1:87:
ea:a2:92:10:b9:ba:b1:7e:0e:b9:9c:ea:f0:c1:b8:
47:be:45:62:66:55:9d:7a:6a:6a:f0:0a:06:a6:09:
b5:45:ec:a4:4d:ab:7c:42:00:64:c9:aa:9d:57:4d:
0a:23:27:45:f2:44:94:ae:b0:7c:85:68:9a:f5:d0:
32:fe:cc:d9:dd:fd:42:7f:5a:16:99:59:9d:16:5f:
3c:cd:31:7c:0b:77:9a:92:f2:25:d8:26:c6:21:6b:
7a:3a:0e:d6:94:cb:d8:4a:57:b7:b9:98:f9:82:b2:
d7:9d:ec:6d:d0:9a:ae:88:94:e0:c2:9a:39:7d:49:
0d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:37:B7:DC:0D:23:C9:0B:7E:E7:17:2A:C5:25:58:F4:BB:6C:2C:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC5A1B9A473811EEB8A628584AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.35.0/24
Signature Algorithm: sha256WithRSAEncryption
24:08:b9:84:5e:2c:0e:82:63:49:42:2b:fe:3c:43:86:53:79:
13:55:9b:1d:b6:5e:14:9f:c6:2e:08:c0:77:b5:6c:a7:18:46:
aa:8f:84:aa:e6:aa:23:ab:c2:71:00:6f:fe:21:73:70:d4:de:
7d:58:81:b2:14:c6:60:be:2f:e4:ef:05:3e:a5:c5:0f:34:2d:
91:e7:2f:2f:57:e4:22:50:f3:c3:0f:34:4a:4b:fe:78:ca:6e:
4b:da:b1:fb:ff:b6:6c:21:df:3e:bd:fa:ab:67:34:4e:c8:d2:
11:f8:b3:16:88:bd:e2:12:6f:e7:e9:c0:16:26:4b:17:f1:e5:
ee:d7:0c:5e:88:61:02:a5:95:00:a7:8e:8d:41:8f:ba:17:e3:
a0:e3:d2:06:af:d9:e9:13:bc:d4:cd:48:d3:b8:08:78:13:b4:
bd:05:31:af:8f:eb:19:ad:65:98:db:48:83:07:15:d9:e5:9a:
21:1e:87:e7:93:23:a3:14:66:0e:9d:8c:c1:9c:60:b3:84:0a:
8e:40:5f:09:af:ae:d0:a5:c8:0a:a9:db:f1:31:5e:80:93:44:
70:76:2e:bf:25:c4:6f:29:0a:e2:78:97:2b:5e:42:cd:63:df:
4f:0b:a8:23:69:b3:11:a7:4a:35:bc:04:fa:89:62:d6:aa:29:
85:d7:da:74
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICOucwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA4MzAxMzI1NDdaFw0yNDA4MDgxMzI1NDdaMBgxFjAU
BgNVBAMTDTY0ZWY0MzVlLTI4NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDSiP9mS6GZ/M34+T+LZfZHIALM/cKoVvIixYFFZ4i01JtrvGSPRhKd6b2a
yhfFwXleeFvk52Ywfaa+1SPTD3PAUpkDG+Gr5AavsHgp5lC249CLe6lM9EIqD1lY
t69fhM9Ia1C3bTFXH4CSpSJSDZd3bi7MBOwg1t2gMn4Jhu8Lam6idBDhh+qikhC5
urF+Drmc6vDBuEe+RWJmVZ16amrwCgamCbVF7KRNq3xCAGTJqp1XTQojJ0XyRJSu
sHyFaJr10DL+zNnd/UJ/WhaZWZ0WXzzNMXwLd5qS8iXYJsYha3o6DtaUy9hKV7e5
mPmCsted7G3Qmq6IlODCmjl9SQ0nAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8Te3
3A0jyQt+5xcqxSVY9LtsLOgwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0JDNUExQjlBNDczODExRUVCOEE2Mjg1ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazCMwDQYJKoZIhvcNAQEL
BQADggEBACQIuYReLA6CY0lCK/48Q4ZTeRNVmx22XhSfxi4IwHe1bKcYRqqPhKrm
qiOrwnEAb/4hc3DU3n1YgbIUxmC+L+TvBT6lxQ80LZHnLy9X5CJQ88MPNEpL/njK
bkvasfv/tmwh3z69+qtnNE7I0hH4sxaIveISb+fpwBYmSxfx5e7XDF6IYQKllQCn
jo1Bj7oX46Dj0gav2ekTvNTNSNO4CHgTtL0FMa+P6xmtZZjbSIMHFdnlmiEeh+eT
I6MUZg6djMGcYLOECo5AXwmvrtClyAqp2/ExXoCTRHB2Lr8lxG8pCuJ4lyteQs1j
308LqCNpsxGnSjW8BPqJYtaqKYXX2nQ=
-----END CERTIFICATE-----
Generated at Sun May 11 14:20:31 2025 by rpki-client